Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-25840)

NETGEAR EX7000 and others are a wireless network signal extender from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application, which can be exploited by an attacker to execut...

SRC-2020-0018 : Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi...

Fifthplay S.A.M.I Cross-Site Scripting Vulnerability

Fifthplay S.A.M.I is a management interface used in Fifthplay products from Fifthplay Belgium. A cross-site scripting vulnerability exists in versions prior to Fifthplay S.A.M.I 2019.3HP2. The vulnerability stems from the WEB application lacking proper validation of client data. An attacker can...

HPE Onboard Administrator Cross-Site Scripting Vulnerability

HPE Onboard Administrator is a management program for HP BladeSystem c-series servers from Hewlett Packard Enterprise HPE. A cross-site scripting vulnerability exists in HPE Onboard Administrator version v4.85. The vulnerability stems from a lack of proper validation of client data by the WEB...

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-31239)

NETGEAR D6200 and others are products of NETGEAR Corporation.NETGEAR D6200 is a wireless modem.NETGEAR WNR2020 is a wireless router.NETGEAR R6220 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is ...

Anchor Cross-Site Scripting Vulnerability

Anchor is an open source lightweight blogging system. A cross-site scripting vulnerability exists in Anchor version 0.12.7. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

The vulnerability of Google Chrome, related to insufficient validation of input data, allows a perpetrator to compromise data integrity.

The vulnerability of Google Chrome is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to compromise the integrity of data...

The vulnerability of Google Chrome’s browser, related to insufficient data validation, allows attackers to compromise data integrity.

The vulnerability of Google Chrome is related to insufficient data validation during downloads. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.30. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An attacker can exploit...

CVE-2020-10914

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the lack of proper...

CVE-2020-10894

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2020-10889

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-10893

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-10902

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Google Chrome URL Formatting Security Bypass Vulnerability

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome prior to version 81.0.4044.122, which stems from the program's failure to perform adequate data validation when formatting URLs. A remote attacker can exploit the vulnerability to...

NETGEAR ReadyNAS OS Cross-Site Scripting Vulnerability

NETGEAR ReadyNAS OS is a proprietary operating system developed by NETGEAR and designed for ReadyNAS network attached storage NAS devices to provide data protection, backup, synchronization and cloud management. The NETGEAR ReadyNAS OS suffers from a cross-site scripting vulnerability that stems...

Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2021-67653)

NETGEAR D7800 is a wireless modem, NETGEAR R7500 is a wireless router, NETGEAR WNDR4300 is a wireless router, and NETGEAR D7800 is a wireless modem. A buffer overflow vulnerability exists in multiple NETGEAR products. The vulnerability stems from a networked system or product that does not proper...